Imprivata Privileged Access Management Product Update 2.3.202003082259

March 8, 2020

PAM Update: Added option to log in to the application using Facebook or Twitter delegated authentication

This update adds the option to log in to the application using Facebook or Twitter delegated authentication.

Added the option to log in to the application using social media (Facebook, Twitter) authentication delegation

This update adds the option to log in to the application by delegating authentication over the OAuth protocol to social media identity providers such as Facebook or Twitter.

The system auto-creates a guest account for each social media login and makes personal vaults or pre-configured assets available to that account.

To enable the integration, create a social media application as the OAuth endpoint with the callback URL set to https://XTAM-HOST/cas/login?client_name=CLIENT_NAME.

After that, configure the OAuth client in the application properties file using the following parameters:

# Facebook
cas.authn.pac4j.facebook.clientName=Facebook
cas.authn.pac4j.facebook.id=APPLICATION-ID
cas.authn.pac4j.facebook.secret=APPLICATION-SECRET
cas.authn.pac4j.facebook.fields=id,name,first_name,middle_name,last_name,email
cas.authn.pac4j.facebook.scope=public_profile,email

# Twitter
cas.authn.pac4j.twitter.id=APPLICATION-ID
cas.authn.pac4j.twitter.secret=APPLICATION-SECRET
cas.authn.pac4j.twitter.clientName=XTAMTwitter

To enable guest login with an automated access grant to the local group LOCAL-GROUP-NAME, configure the following properties:

xtam.user.guest.enabled=true
xtam.user.guest.ttl=0
xtam.user.guest.group=LOCAL-GROUP-NAME
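
The following pre-deployment check is an added example, not part of the product or of this update: it reads the properties shown above, derives the callback URL to register with each provider, and lists the settings that still need review. It assumes CLIENT_NAME in the callback URL is the configured clientName value; the function names, the sample values and the host xtam.example.com are constructed for illustration.

```python
import re
from urllib.parse import quote

# Placeholder tokens used on this page; a deployed file must not contain them.
PLACEHOLDERS = {"APPLICATION-ID", "APPLICATION-SECRET", "LOCAL-GROUP-NAME"}
PROVIDER_KEY = re.compile(r"^cas\.authn\.pac4j\.(\w+)\.(\w+)$")

def parse_properties(text):
    """Parse key=value lines, skipping blanks and # comments."""
    props = {}
    for line in map(str.strip, text.splitlines()):
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip()
    return props

def review(text, host):
    """Return (callback URLs to register, findings) for a properties file."""
    props = parse_properties(text)
    providers, callbacks, findings = {}, {}, []
    for key, value in props.items():
        m = PROVIDER_KEY.match(key)
        if m:
            providers.setdefault(m.group(1), {})[m.group(2)] = value
        if value in PLACEHOLDERS:
            findings.append(f"{key}: placeholder value not replaced")
    for name, cfg in sorted(providers.items()):
        findings += [f"{name}: missing {k}" for k in ("id", "secret") if not cfg.get(k)]
        if cfg.get("clientName"):
            # Assumption: CLIENT_NAME in the callback URL is this clientName value.
            client = quote(cfg["clientName"], safe="")
            callbacks[name] = f"https://{host}/cas/login?client_name={client}"
        else:
            findings.append(f"{name}: clientName not set, callback URL not derivable")
    if props.get("xtam.user.guest.enabled") == "true":
        group = props.get("xtam.user.guest.group", "")
        findings.append(f"guest login enabled; auto-created guests join group {group!r}")
    return callbacks, findings

# Constructed sample input, not a real deployment.
SAMPLE = """\
cas.authn.pac4j.facebook.clientName=Facebook
cas.authn.pac4j.facebook.id=1234567890
cas.authn.pac4j.facebook.secret=APPLICATION-SECRET
cas.authn.pac4j.twitter.id=abcdef
xtam.user.guest.enabled=true
xtam.user.guest.group=Guests
"""
print(review(SAMPLE, "xtam.example.com"))
```

The guest finding is informational: it names the group whose permissions every auto-created social media account receives, so that group's access can be reviewed before the feature is switched on.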